Intermittent DNS - intoDNS provides some insight

12bytes.org always seems to resolve, but host.12bytes.org resolves intermittently - i may be working in the CP for an hour or more, then the connection is dropped

intoDNS indicates issues with glue records…

DNS Parent sent Glue

The parent nameserver b2.org.afilias-nst.org is not sending out GLUE for every nameservers listed, meaning he is sending out your nameservers host names without sending the A records of those nameservers.

i have no idea who b2.org.afilias-nst.org is - when i run a whois, the nameservers are:

ns1.dyna-ns.net
ns2.dyna-ns.net

Glue for NS records

INFO: GLUE was not sent when I asked your nameservers for your NS records. […] The nameservers without glue are:
162.159.26.92
162.159.24.5
You can fix this for example by adding A records to your nameservers for the zones listed above.

i’m baffled by this - why would i have to set up A records for nameservers on the host (dynadot) whose nameservers i’m using?

DNS records on the server are…

12bytes.org                    SOA - Start Of Domain        host.12bytes.org. root.host.12bytes.org. 2023010300 3600 600 1209600 3600
12bytes.org                    NS - Name Server             host.12bytes.org.
12bytes.org                    A - IPv4 Address             45.42.246.86
www.12bytes.org                A - IPv4 Address             45.42.246.86
m.12bytes.org                  A - IPv4 Address             45.42.246.86
localhost.12bytes.org          A - IPv4 Address             127.0.0.1
webmail.12bytes.org            A - IPv4 Address             45.42.246.86
admin.12bytes.org              A - IPv4 Address             45.42.246.86
mail.12bytes.org               A - IPv4 Address             45.42.246.86
12bytes.org                    MX - Mail Server             5 mail.12bytes.org.
12bytes.org                    SPF - Sender Permitted From  v=spf1 (remainder stripped)
202300._domainkey.12bytes.org  TXT - Text                   v=DKIM1; (remainder stripped)
_dmarc.12bytes.org             DMARC                        v=DMARC1; p=none; pct=100; (remainder stripped)
host.12bytes.org               A - IPv4 Address             45.42.246.86
12bytes.org                    NSEC3PARAM

i don’t remember if virtualmin added a host.* A record or not - what i do know is that the configuration check passed… until it didn’t, after which i added the host.* record

DNS on the registrar is…

SYSTEM INFORMATION
ubuntu 22.04 LTS
Virtualmin 7.3

When I query whois for your domain, I get the following:

Name Server: ns1.dyna-ns.net
Name Server: ns2.dyna-ns.net

That’s not your Virtualmin server, so I’m not sure why you’re talking about records on the Virtualmin server. Your Virtualmin server is not authoritative for your zone, so the records on the Virtualmin server are meaningless; you don’t even need the DNS feature enabled, if you’re not using the Virtualmin server to host your DNS.

It looks like maybe you’ve set the name servers at your registrar (the glue records) to be IP addresses without names. Virtualmin has no control over this.

To be clear: If you want Virtualmin to manage your DNS, you need to delegate to the Virtualmin server and a secondary DNS server that is configured as a slave. It’s fine to leave it with your registrar (or some other third party DNS host), but you need to know where to look when you’re trying to figure out DNS problems. Right now, looking at Virtualmin for DNS problems on a completely different system is not going to help you.
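The delegation check described in the reply above, as an added example (not code from this thread or from Virtualmin): it compares the nameservers the registry delegates to with the NS records held on the server, and asks for glue only when a delegated nameserver's name sits inside the zone itself. The whois lines and record values are copied from the thread; the zone-file layout, the function names and the finding labels are assumptions made for the example.

```python
import re

# Registry delegation as shown by whois in this thread.
WHOIS = """\
Name Server: ns1.dyna-ns.net
Name Server: ns2.dyna-ns.net
"""
# Records from the server, rewritten in zone-file form (layout is constructed).
ZONE = """\
12bytes.org.       IN NS host.12bytes.org.
12bytes.org.       IN A  45.42.246.86
host.12bytes.org.  IN A  45.42.246.86
"""

def norm(name):
    return name.rstrip(".").lower()

def whois_nameservers(text):
    return {norm(m) for m in re.findall(r"(?im)^\s*Name Server:\s*(\S+)", text)}

def zone_nameservers(text, zone):
    out = set()
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[2].upper() == "NS" and norm(f[0]) == norm(zone):
            out.add(norm(f[3]))
    return out

def in_bailiwick(ns, zone):
    # A nameserver named inside the zone it serves can only be found via glue.
    ns, zone = norm(ns), norm(zone)
    return ns == zone or ns.endswith("." + zone)

def check_delegation(zone, delegated, local, glue):
    findings = []
    if not delegated & local:
        # Resolvers follow the parent's delegation, so the local zone is never queried.
        findings.append("server-not-authoritative")
    elif delegated != local:
        findings.append("ns-set-mismatch")
    for ns in sorted(delegated):
        if in_bailiwick(ns, zone) and not glue.get(ns):
            findings.append("glue-required:" + ns)
    return findings

def demo():
    delegated = whois_nameservers(WHOIS)
    local = zone_nameservers(ZONE, "12bytes.org")
    return check_delegation("12bytes.org", delegated, local, glue={})

if __name__ == "__main__":
    print(demo())
```

With the thread's data the only finding is that the server is not authoritative; no glue is requested, because ns1/ns2.dyna-ns.net are named outside 12bytes.org. Glue would only be needed if the zone were delegated to host.12bytes.org.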

you suggested before to host DNS on the registrar, however before i dump DNS on the server, i humbly ask that you consider the following to see if that still makes sense in my case…

  • i’m the only user and domain on the server, for now and for ever
  • i have only 1 static ipv4, so i think slave DNS is a no-go (and i realize a slave isn’t required)
  • if i use the server DNS then that becomes a singular point of failure, however, if the server drops, then hosting DNS on the registrar (or anywhere else) doesn’t do me any good
  • unless i’m wrong, multiple nameserver records would be pointless

the only thing i can think of that might be an issue is a ton of requests to my server from the poorly configured routers (or whatever stores ip/hostnames) or… or whoever - so maybe that’s a valid concern

that said, would you still recommend doing DNS on the registrar?

I don’t care what you do, it’s your server and your website(s)/mail/etc.; your registrar will probably require you to provide two hostnames with two different IPs, though.

All I’m saying is that right now, you haven’t delegated authority for your zone to your Virtualmin server, so, modifying records on the Virtualmin server isn’t doing anything useful.

that doesn’t answer my question

you have the technical knowledge, i don’t

i asked what you would suggest given the particulars of my situation which i outlined

it seems to me that running DNS on the server is easier to handle since Virtualmin sets up most of the necessary records, but i don’t know that this is the better way to go, which is why i asked

Yes, I prefer to host my own DNS. But, I have multiple DNS servers.

In cases where I’m setting up a server for a friend or organization or something and they only have one, I keep the DNS at the registrar or set it up in Route53 depending on their budget and technical expertise in-house.

I’ve already told you all this, though, which is why I’m not going to try to talk you into going one way or another. You know I recommend you have two. You know you don’t have to have two (though many registrars at least make you have two IPs). What you do is up to you.

For one website, you do not need that many records. It’s not some major ordeal to manually create them at your registrar.

my problem with intermittent DNS for the host.* domain appears to have been caused by a local network issue on my end, not the server
